


<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>主机报表</title>
<link rel="stylesheet" href="media/report/css/ns_report.css" />
<link rel="stylesheet" href="media/report/css/ns_report_rsas.css" />
<script src="media/report/js/jquery-1.7.2.js"></script>
<script src="media/report/js/common.js"></script>
</head>
<body>
<div id="report" class="wrapper">
  <div class="report_tip"></div>
  <div id="head" class="report_title">
    <h1>绿盟科技&#34;远程安全评估系统&#34;安全评估报告-主机报表</h1>
    <span class="note">&nbsp;</span> 
  </div>
  <!--head end,catalog start-->
  <div id="catalog">
    <div class="report_h1">目录</div>
  </div>
  <div id="content">
    
        <!-- host_info -->





<div class="report_h report_h1">1.主机概况</div>
<div class="report_content"><table class="report_table plumb">
		<tbody>
			<tr class="odd"">
				<th width="120" style="vertical-align:middle">主机风险</th>
				<td style="padding:6px;">  <img align="absmiddle" src="media/report/images/b_high.gif"/><span class="level_danger high"> 非常危险（8.4分） </span>  </td>
			</tr>
		</tbody>
	</table>
	<table>
		<tr>
			<td valign="top" style="width:50%;">
			<table class="report_table plumb">
				<tbody>
					<tr class="even">
						<th width="120">IP地址</th>
						<td>124.74.244.172</td>
					</tr>
					
					
					
					
					
					<tr class="odd">
						<th>系统版本</th>
						<td>V6.0R02F03SP13</td>
					</tr>
					
					
					<tr class="even">
						<th>插件版本</th>
						<td>V6.0R02F01.1205</td>
					</tr>
					
					
					<tr class="odd">
						<th>扫描起始时间</th>
						<td>2018-11-25 15:22:27</td>
					</tr>
					
					
					<tr class="even">
						<th>扫描结束时间</th>
						<td>2018-11-25 16:02:23</td>
					</tr>
					
					
					
					
				</tbody>
			</table></td>
			<td style="width:12px;"></td>
			<td valign="top" style="width:50%;">
			<table class="report_table plumb">
				<tbody>
					<tr class="even">
						<th width="190">漏洞扫描检查模板</th>
						<td>自动匹配扫描</td>
					</tr>
					
					
					
					<tr class="odd">
						<th width="190">漏洞风险评估分</th>
						<td> 8.4分 </td>
					</tr>
					
					
					
					<tr class="even">
						<th>主机风险评估分</th>
						<td>8.4分</td>
					</tr>
					
					
				</tbody>
			</table></td>
		</tr>
	</table></div>
        
    

     
    
        <!-- vuln info -->





<div class="report_h report_h1">2.漏洞信息</div>
<div class="report_content">

    
    
    <div class="report_h report_h2" id="title2_1">2.1 漏洞概况</div>
    <div>
        <div style="text-align:right; vertical-align:middle;">
            漏洞类别：<img align="absbottom" src="media/report/images/vuln_high.gif"/>高危险[<span id='level_high_span'>0</span>]&nbsp;&nbsp;<img align="absbottom" src="media/report/images/vuln_middle.gif"/>中危险[<span id='level_middle_span'>0</span>]&nbsp;&nbsp;<img align="absbottom" src="media/report/images/vuln_low.gif"/>低风险[<span id='level_low_span'>0</span>]
        </div>
        <table id="vuln_list" class="report_table">
            <thead>
                <tr class="second_title">
                    <th width="10%">端口</th>
                    <th width="15%">协议</th>
                    <th width="15%">服务</th>
                    <th>漏洞</th>
                    <th width='188px'>NF已防护</th>
                </tr>
            </thead>
            <tbody>
                
                <tr class="even">
                    <td class="vul_port">80</td>
                    <td>TCP</td>
                    <td>http</td>
                    <td>
                        <ul>
                        
                            <li>
                                <div class="vul_summary" data-id="50188" data-port="80">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_280752','table_2_280752');" style="cursor:pointer">可通过HTTP获取远端WWW服务信息</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Server is running
                                        
                                        <br/>
                                        
                                    
                                        Version:
                                        
                                        <br/>
                                        
                                    
                                        [Apache-Coyote/1.1]
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                        </ul>
                    </td>
                    <td>
                        <ul>
                            
                            <li>-</li>
                            
                        </ul>
                    </td>
                </tr>
                
                <tr class="odd">
                    <td class="vul_port">443</td>
                    <td>TCP</td>
                    <td>www</td>
                    <td>
                        <ul>
                        
                            <li>
                                <div class="vul_summary" data-id="76994" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_high.gif"/>
                                <span class="level_danger_high" onclick="show_vul('2_300529','table_2_300529');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-8735)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="71930" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_high.gif"/>
                                <span class="level_danger_high" onclick="show_vul('2_288371','table_2_288371');" style="cursor:pointer">Apache Tomcat DIGEST身份验证多个安全漏洞(CVE-2012-3439)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75220" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_high.gif"/>
                                <span class="level_danger_high" onclick="show_vul('2_295954','table_2_295954');" style="cursor:pointer">Apache Tomcat拒绝服务漏洞(CVE-2014-0230)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76179" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297910','table_2_297910');" style="cursor:pointer">Apache Tomcat 拒绝服务漏洞(CVE-2012-3544)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76229" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297981','table_2_297981');" style="cursor:pointer">Apache Tomcat 目录遍历漏洞(CVE-2015-5174)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76231" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297983','table_2_297983');" style="cursor:pointer">Apache Tomcat Mapper组件安全漏洞(CVE-2015-5345)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76234" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297986','table_2_297986');" style="cursor:pointer">Apache Tomcat session-persistence 远程代码执行漏洞(CVE-2016-0714)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75237" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_296153','table_2_296153');" style="cursor:pointer">Apache Tomcat Security Manager绕过漏洞(CVE-2014-7810)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76989" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300506','table_2_300506');" style="cursor:pointer">Apache Tomcat Security Manager 安全限制绕过漏洞(CVE-2016-6796)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76993" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300510','table_2_300510');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6797)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72133" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283057','table_2_283057');" style="cursor:pointer">Apache Tomcat 跨站请求伪造漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72302" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294129','table_2_294129');" style="cursor:pointer">Apache Tomcat 块请求远程拒绝服务漏洞（CVE-2014-0075）</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74263" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294144','table_2_294144');" style="cursor:pointer">Apache Tomcat 整数溢出漏洞(CVE-2014-0099)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="70203" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_304097','table_2_304097');" style="cursor:pointer">Apache Tomcat 安全漏洞（CVE-2017-5647）</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72130" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283862','table_2_283862');" style="cursor:pointer">Apache Tomcat replay-countermeasure功能安全漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76990" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300507','table_2_300507');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6794)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74119" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_293658','table_2_293658');" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2013-4286)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="71929" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_281103','table_2_281103');" style="cursor:pointer">Apache Tomcat拒绝服务漏洞(CVE-2012-2733)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72659" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_281104','table_2_281104');" style="cursor:pointer">Apache Tomcat FORM身份验证安全绕过漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75072" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_295328','table_2_295328');" style="cursor:pointer">Apache Tomcat XML外部实体信息泄露漏洞(CVE-2013-4590)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74993" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294678','table_2_294678');" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2014-0033)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="73540" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_288726','table_2_288726');" style="cursor:pointer">Apache Tomcat FORM认证器会话固定漏洞(CVE-2013-2067)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76235" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297987','table_2_297987');" style="cursor:pointer">Apache Tomcat 安全漏洞(CVE-2016-0706)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76992" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300509','table_2_300509');" style="cursor:pointer">Apache Tomcat 信息泄露漏洞(CVE-2016-0762)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72131" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283058','table_2_283058');" style="cursor:pointer">Apache Tomcat HTTP Digest Access Authentication 安全绕过漏洞(CVE-2012-5886)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76243" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300536','table_2_300536');" style="cursor:pointer">Apache Tomcat信息泄露漏洞(CVE-2016-8745)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74261" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294142','table_2_294142');" style="cursor:pointer">Apache Tomcat 权限许可和访问控制漏洞(CVE-2014-0119)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75120" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_295683','table_2_295683');" style="cursor:pointer">Apache Tomcat 安全漏洞(CVE-2014-0227)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74262" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294143','table_2_294143');" style="cursor:pointer">Apache Tomcat 权限许可和访问控制漏洞(CVE-2014-0096)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76991" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300508','table_2_300508');" style="cursor:pointer">Apache Tomcat Security Manager 安全限制绕过漏洞(CVE-2016-5018)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72132" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283059','table_2_283059');" style="cursor:pointer">Apache Tomcat HTTP Digest Access Authentication实现安全漏洞(CVE-2012-5887)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72661" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_288485','table_2_288485');" style="cursor:pointer">Apache Tomcat Slowloris工具拒绝服务漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76995" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300530','table_2_300530');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6816)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74108" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_293596','table_2_293596');" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2013-4322)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="70202" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_303770','table_2_303770');" style="cursor:pointer">SSL/TLS协议信息泄露漏洞(CVE-2016-2183)【原理扫描】</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        DES/3DES Ciphers:
                                        
                                        <br/>
                                        
                                    
                                        TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="71247" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_283925','table_2_283925');" style="cursor:pointer">检测到目标主机加密通信支持的加密算法</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        TLSv1:
                                        
                                        <br/>
                                        
                                    
                                        DES-CBC3-SHA Kx:RSA Au:RSA Enc:3DES(168) Mac:SHA1
                                        
                                        <br/>
                                        
                                    
                                        AES128-SHA Kx:RSA Au:RSA Enc:AES(128) Mac:SHA1
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="50188" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_280752','table_2_280752');" style="cursor:pointer">可通过HTTP获取远端WWW服务信息</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Version:
                                        
                                        <br/>
                                        
                                    
                                        [Apache-Coyote/1.1]
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72325" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_291622','table_2_291622');" style="cursor:pointer">服务器允许SSL会话恢复【原理扫描】</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        * Session Resumption :
                                        
                                        <br/>
                                        
                                    
                                              Using TLSv1 Session IDs:       Supported
                                        
                                        <br/>
                                        
                                    
                                              Using SSLv3 Session IDs:       Error =&gt; utils.ctSSL.errors.SSLErrorSSL - error:00000000:lib(0):func(0):reason(0)
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="50856" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_280445','table_2_280445');" style="cursor:pointer">可通过HTTPS获取远端WWW服务信息</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        可通过HTTPS获取远端WWW服务版本信息: [Apache-Coyote/1.1]
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72660" data-port="443">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_281105','table_2_281105');" style="cursor:pointer">Apache Tomcat NIO连接器拒绝服务漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                        </ul>
                    </td>
                    <td>
                        <ul>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                        </ul>
                    </td>
                </tr>
                
                <tr class="even">
                    <td class="vul_port">7002</td>
                    <td>TCP</td>
                    <td>www</td>
                    <td>
                        <ul>
                        
                            <li>
                                <div class="vul_summary" data-id="76994" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_high.gif"/>
                                <span class="level_danger_high" onclick="show_vul('2_300529','table_2_300529');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-8735)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75220" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_high.gif"/>
                                <span class="level_danger_high" onclick="show_vul('2_295954','table_2_295954');" style="cursor:pointer">Apache Tomcat拒绝服务漏洞(CVE-2014-0230)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="71930" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_high.gif"/>
                                <span class="level_danger_high" onclick="show_vul('2_288371','table_2_288371');" style="cursor:pointer">Apache Tomcat DIGEST身份验证多个安全漏洞(CVE-2012-3439)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76229" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297981','table_2_297981');" style="cursor:pointer">Apache Tomcat 目录遍历漏洞(CVE-2015-5174)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76231" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297983','table_2_297983');" style="cursor:pointer">Apache Tomcat Mapper组件安全漏洞(CVE-2015-5345)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76234" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297986','table_2_297986');" style="cursor:pointer">Apache Tomcat session-persistence 远程代码执行漏洞(CVE-2016-0714)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75237" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_296153','table_2_296153');" style="cursor:pointer">Apache Tomcat Security Manager绕过漏洞(CVE-2014-7810)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76989" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300506','table_2_300506');" style="cursor:pointer">Apache Tomcat Security Manager 安全限制绕过漏洞(CVE-2016-6796)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76993" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300510','table_2_300510');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6797)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72133" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283057','table_2_283057');" style="cursor:pointer">Apache Tomcat 跨站请求伪造漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72302" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294129','table_2_294129');" style="cursor:pointer">Apache Tomcat 块请求远程拒绝服务漏洞（CVE-2014-0075）</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74263" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294144','table_2_294144');" style="cursor:pointer">Apache Tomcat 整数溢出漏洞(CVE-2014-0099)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="70203" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_304097','table_2_304097');" style="cursor:pointer">Apache Tomcat 安全漏洞（CVE-2017-5647）</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72130" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283862','table_2_283862');" style="cursor:pointer">Apache Tomcat replay-countermeasure功能安全漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76990" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300507','table_2_300507');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6794)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76243" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300536','table_2_300536');" style="cursor:pointer">Apache Tomcat信息泄露漏洞(CVE-2016-8745)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74261" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294142','table_2_294142');" style="cursor:pointer">Apache Tomcat 权限许可和访问控制漏洞(CVE-2014-0119)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75120" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_295683','table_2_295683');" style="cursor:pointer">Apache Tomcat 安全漏洞(CVE-2014-0227)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74262" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294143','table_2_294143');" style="cursor:pointer">Apache Tomcat 权限许可和访问控制漏洞(CVE-2014-0096)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76991" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300508','table_2_300508');" style="cursor:pointer">Apache Tomcat Security Manager 安全限制绕过漏洞(CVE-2016-5018)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72132" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283059','table_2_283059');" style="cursor:pointer">Apache Tomcat HTTP Digest Access Authentication实现安全漏洞(CVE-2012-5887)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72661" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_288485','table_2_288485');" style="cursor:pointer">Apache Tomcat Slowloris工具拒绝服务漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="71929" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_281103','table_2_281103');" style="cursor:pointer">Apache Tomcat拒绝服务漏洞(CVE-2012-2733)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72659" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_281104','table_2_281104');" style="cursor:pointer">Apache Tomcat FORM身份验证安全绕过漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76179" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297910','table_2_297910');" style="cursor:pointer">Apache Tomcat 拒绝服务漏洞(CVE-2012-3544)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76992" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300509','table_2_300509');" style="cursor:pointer">Apache Tomcat 信息泄露漏洞(CVE-2016-0762)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72131" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_283058','table_2_283058');" style="cursor:pointer">Apache Tomcat HTTP Digest Access Authentication 安全绕过漏洞(CVE-2012-5886)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74119" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_293658','table_2_293658');" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2013-4286)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76995" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_300530','table_2_300530');" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6816)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74108" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_293596','table_2_293596');" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2013-4322)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="75072" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_295328','table_2_295328');" style="cursor:pointer">Apache Tomcat XML外部实体信息泄露漏洞(CVE-2013-4590)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="74993" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_294678','table_2_294678');" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2014-0033)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="73540" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_288726','table_2_288726');" style="cursor:pointer">Apache Tomcat FORM认证器会话固定漏洞(CVE-2013-2067)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="76235" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_middle.gif"/>
                                <span class="level_danger_middle" onclick="show_vul('2_297987','table_2_297987');" style="cursor:pointer">Apache Tomcat 安全漏洞(CVE-2016-0706)</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="72660" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_281105','table_2_281105');" style="cursor:pointer">Apache Tomcat NIO连接器拒绝服务漏洞</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Tomcat/6.0.35
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="50856" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_280445','table_2_280445');" style="cursor:pointer">可通过HTTPS获取远端WWW服务信息</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        可通过HTTPS获取远端WWW服务版本信息: [Apache-Coyote/1.1]
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                            <li>
                                <div class="vul_summary" data-id="50188" data-port="7002">
                                
                                <img align="absmiddle" src="media/report/images/vuln_low.gif" />
                                <span class="level_danger_low" onclick="show_vul('2_280752','table_2_280752');" style="cursor:pointer">可通过HTTP获取远端WWW服务信息</span>
                                
                                
                                <img align="absmiddle" src="media/report/images/response_msg.gif" onclick="jQuery(this).siblings('div.detail').toggle();" style="cursor:pointer"/>
                                
                                
                                <div class="detail" style="word-wrap:break-word;">
                                    
                                        Version:
                                        
                                        <br/>
                                        
                                    
                                        [Apache-Coyote/1.1]
                                        
                                    
                                </div>
                                </div>
                            </li>	
                            
                        </ul>
                    </td>
                    <td>
                        <ul>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                            <li>-</li>
                            
                        </ul>
                    </td>
                </tr>
                
            </tbody>
        </table>
        <script type="text/javascript">
            //static vuln num
            var $level_high_span = jQuery('#level_high_span');
            var $level_middle_span = jQuery('#level_middle_span');
            var $level_low_span = jQuery('#level_low_span');
            var $vuln_list = jQuery('#vuln_list');
            console.log($vuln_list.find('ul'))
            var low_num = 0;
            var middle_num = 0;
            var high_num = 0;
            $vuln_list.find('ul').each(function() {
                console.log(jQuery(this).find('div > li > span'))
                jQuery(this).find('li > div > span').each(function() {
                    console.log(this)
                    if (jQuery(this).hasClass('level_danger_low')) {
                        low_num++;
                    } else if (jQuery(this).hasClass('level_danger_middle')) {
                        middle_num++;
                    } else if (jQuery(this).hasClass('level_danger_high')){
                        high_num++;
                    }
                })
            });
            console.log(high_num)
            $level_high_span.html(high_num);
            $level_middle_span.html(middle_num);
            $level_low_span.html(low_num);
        </script>
    </div>
    
    
    
    <div class="report_h report_h2" id="title2_2">2.2 漏洞详情</div>
    <div id="vul_detail">
        <table class="report_table">
            
            <tr class="even" data-id="76994" data-port="443" >
                <td onclick="no_toggle('2_300529','table_2_300529')" >
                    <img id="2_300529" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_high.gif" /><span class="level_danger_high" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-8735)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300529" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat某些版本在JmxRemoteLifecycleListener的实现上存在安全漏洞，可导致远程代码执行。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=revision&amp;revision=1757275
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>7.5</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-04-06</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8735">CVE-2016-8735</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/94463">94463</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35453">35453</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201611-609">CNNVD-201611-609</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20168735</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>7.5</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-11583">CNVD-2016-11583</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="71930" data-port="443" >
                <td onclick="no_toggle('2_288371','table_2_288371')" >
                    <img id="2_288371" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_high.gif" /><span class="level_danger_high" style="cursor:pointer">Apache Tomcat DIGEST身份验证多个安全漏洞(CVE-2012-3439)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_288371" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 7.0.0-7.0.27、6.0.0-6.0.35、5.5.0-5.5.35存在多个安全漏洞，成功利用后可允许攻击者绕过安全限制并执行非法操作。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Tilmann Kuhn
                                
                                <br/>
                                
                            
                                  
                                
                                <br/>
                                
                            
                                  链接：http://secunia.com/advisories/51138/
                                
                                <br/>
                                
                            
                                        http://www.apache.org/dist/httpd/Announcement2.2.html
                                
                                <br/>
                                
                            
                                *&gt;
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            请更新到5.5.36、6.0.36、7.0.30
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Announcement2.2：Apache HTTP Server 2.2.23 Released
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            链接：http://www.apache.org/dist/httpd/Announcement2.2.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>8.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-11-17</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3439">CVE-2012-3439</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56403">56403</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/21391">21391</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201211-127">CNNVD-201211-127</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20123439</td>
                    </tr>
                    
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-6360
">CNVD-2012-6360
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="75220" data-port="443" >
                <td onclick="no_toggle('2_295954','table_2_295954')" >
                    <img id="2_295954" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_high.gif" /><span class="level_danger_high" style="cursor:pointer">Apache Tomcat拒绝服务漏洞(CVE-2014-0230)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_295954" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                未读完请求体，即将对该请求的响应返回给用户代理后，Tomcat默认会信任剩下的请求体，接着处理连接上的下一个请求。Tomcat对信任的请求体大小没有限制。Tomcat不会关闭连接，处理线程也会保持连接，这可导致有限的拒绝服务。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：AntBean@secdig
                                
                                <br/>
                                
                            
                                  *&gt;
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            [1] http://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            [2] http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            [3] http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            [4] http://www.openwall.com/lists/oss-security/2015/04/10/1
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>7.8</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2015-06-07</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230">CVE-2014-0230</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/74475">74475</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/29825">29825</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201505-034">CNNVD-201505-034</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140230</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>7.8</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2015-02909
">CNVD-2015-02909
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76179" data-port="443" >
                <td onclick="no_toggle('2_297910','table_2_297910')" >
                    <img id="2_297910" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 拒绝服务漏洞(CVE-2012-3544)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_297910" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Tomcat 7.0.0-7.0.29、Tomcat 6.0.0-6.0.36用“分块传输编码”处理提交的请求时，忽略了请求所含扩展的大小。客户端通过向服务器发送大量的数据，利用此漏洞可造成拒绝服务。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载。Tomcat 7.0.x用户请升级到 7.0.30或更高版本；Tomcat 6.0.x用户请升级到6.0.37或更高版本；
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://jakarta.apache.org/tomcat/index.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2013-06-01</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3544">CVE-2012-3544</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/59797">59797</a>,<a target="_blank" href="http://www.securityfocus.com/bid/64758">64758</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/23658">23658</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201305-226">CNNVD-201305-226</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20123544</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2013-05377">CNVD-2013-05377</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="76229" data-port="443" >
                <td onclick="no_toggle('2_297981','table_2_297981')" >
                    <img id="2_297981" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 目录遍历漏洞(CVE-2015-5174)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_297981" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。
                                
                                <br/>
                                
                            
                                Apache Tomcat的RequestUtil.java文件中存在目录遍历漏洞，该漏洞源于getResource、getResourceAsStream和getResourcePaths函数没有充分过滤路径名中的目录遍历字符&#39;..&#39;。远程攻击者可利用该漏洞绕过既定的SecurityManager限制，列出父目录。以下版本受到影响：Apache Tomcat 6.0.45之前6.x版本，7.0.65之前7.x版本，8.0.27之前8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-6.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2016-02-24</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5174">CVE-2015-5174</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/83329">83329</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/32552">32552</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201602-443">CNNVD-201602-443</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20155174</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-01326">CNVD-2016-01326</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76231" data-port="443" >
                <td onclick="no_toggle('2_297983','table_2_297983')" >
                    <img id="2_297983" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat Mapper组件安全漏洞(CVE-2015-5345)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_297983" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Mapper是其中的一个封装了请求资源URI与每个相对应的处理wrapper容器的映射关系的组件。Apache Tomcat的Mapper组件中存在安全漏洞，该漏洞源于程序实现重定向前没有处理安全约束和过滤器。远程攻击者可借助缺少&#39;/&#39;字符结尾的URL利用该漏洞确定目录的存在。以下版本受到影响：Apache Tomcat 6.0.45之前6.x版本，7.0.67之前7.x版本，8.0.30之前8.x版本，9.0.0.M2之前9.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：http://tomcat.apache.org/security-6.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2016-02-24</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5345">CVE-2015-5345</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/83328">83328</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/32550">32550</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201602-397">CNNVD-201602-397</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20155345</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-01380
">CNVD-2016-01380
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="76234" data-port="443" >
                <td onclick="no_toggle('2_297986','table_2_297986')" >
                    <img id="2_297986" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat session-persistence 远程代码执行漏洞(CVE-2016-0714)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_297986" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Apache Tomcat的session-persistence实现过程中存在安全漏洞，该漏洞源于程序没有正确处理会话属性。远程攻击者可借助将特制的对象放到会话中的Web应用程序利用该漏洞绕过既定的SecurityManager限制，以提升的权限执行任意代码。以下版本受到影响：Apache Tomcat 6.0.45之前6.x版本，7.0.68之前7.x版本，8.0.31之前8.x版本，9.0.0.M2之前9.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：http://tomcat.apache.org/security-7.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>6.5</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2016-02-24</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0714">CVE-2016-0714</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/83327">83327</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/32543">32543</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201602-402">CNNVD-201602-402</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20160714</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>6.5</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-01283
">CNVD-2016-01283
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="75237" data-port="443" >
                <td onclick="no_toggle('2_296153','table_2_296153')" >
                    <img id="2_296153" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat Security Manager绕过漏洞(CVE-2014-7810)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_296153" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 8.0.0-RC1至8.0.15、7.0.0至7.0.57、6.0.0至6.0.43版本，在特权代码区评估表达式的实现上存在安全限制绕过漏洞，攻击者利用此漏洞可绕过Security Manager保护机制。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Apache Tomcat security team
                                
                                <br/>
                                
                            
                                  *&gt;
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            [1] http://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            [2] http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            [3] http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2015-06-07</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7810">CVE-2014-7810</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/74665">74665</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/29948">29948</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201505-273">CNNVD-201505-273</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20147810</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2015-03233
">CNVD-2015-03233
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="76989" data-port="443" >
                <td onclick="no_toggle('2_300506','table_2_300506')" >
                    <img id="2_300506" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat Security Manager 安全限制绕过漏洞(CVE-2016-6796)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300506" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 在实现上存在安全限制绕过漏洞。攻击者利用此漏洞可绕过某些安全限制，执行未授权操作。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=revision&amp;revision=1758495
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-08-10</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6796">CVE-2016-6796</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/93944">93944</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35261">35261</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201610-827">CNNVD-201610-827</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20166796</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-10423
">CNVD-2016-10423
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76993" data-port="443" >
                <td onclick="no_toggle('2_300510','table_2_300510')" >
                    <img id="2_300510" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6797)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300510" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 在实现上存在安全限制绕过漏洞。攻击者利用此漏洞可绕过某些安全限制，执行未授权操作。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=revision&amp;revision=1757275
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-08-10</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6797">CVE-2016-6797</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/93940">93940</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35257">35257</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201610-827">CNNVD-201610-827</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20166797</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-10419
">CNVD-2016-10419
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="72133" data-port="443" >
                <td onclick="no_toggle('2_283057','table_2_283057')" >
                    <img id="2_283057" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 跨站请求伪造漏洞</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_283057" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Tomcat v7.0.31、6.0.35之前版本在实现上存在跨站请求伪造漏洞，远程攻击者可利用此漏洞当前用户权限执行某些操作，访问受影响应用程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Tomcat Security Team
                                
                                <br/>
                                
                            
                                  
                                
                                <br/>
                                
                            
                                  链接：http://www.securitytracker.com/id/1027834
                                
                                <br/>
                                
                            
                                *&gt;
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载更高版本。
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            参考链接：
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security.html
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-6.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-12-19</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4431">CVE-2012-4431</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56814">56814</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/21697">21697</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201212-054">CNNVD-201212-054</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20124431</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-7281">CNVD-2012-7281</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="72302" data-port="443" >
                <td onclick="no_toggle('2_294129','table_2_294129')" >
                    <img id="2_294129" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 块请求远程拒绝服务漏洞（CVE-2014-0075）</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_294129" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 8.0.0-RC1-8.0.3、7.0.0 - 7.0.52、6.0.0 - 6.0.39版本对畸形块尺寸的请求存在安全漏洞，这可使大量的数据发送到服务器，绕过对请求的各种尺寸限制，导致拒绝服务。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Tomcat users mailing list
                                
                                <br/>
                                
                            
                                  
                                
                                <br/>
                                
                            
                                  链接：http://secunia.com/advisories/57879/
                                
                                <br/>
                                
                            
                                *&gt;
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            [1] http://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            [2] http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            [3] http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-05-31</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0075">CVE-2014-0075</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/67671">67671</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/26883">26883</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201405-585
">CNNVD-201405-585
</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140075</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-03378">CNVD-2014-03378</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="74263" data-port="443" >
                <td onclick="no_toggle('2_294144','table_2_294144')" >
                    <img id="2_294144" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 整数溢出漏洞(CVE-2014-0099)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_294144" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Apache Tomcat中的java/org/apache/tomcat/util/buf/Ascii.java文件存在整数溢出漏洞。远程攻击者可借助特制的Content-Length HTTP头利用该漏洞实施HTTP请求走私攻击。以下版本受到影响：Apache Tomcat 6.0.39及之前的版本，7.0.53之前的7.x版本，8.0.4之前的8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.53
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-05-31</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0099">CVE-2014-0099</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/67668">67668</a></td>
                    </tr>
                    
                    
                    
                    <tr class="even">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201405-588
">CNNVD-201405-588
</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140099</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-03429">CNVD-2014-03429</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="70203" data-port="443" >
                <td onclick="no_toggle('2_304097','table_2_304097')" >
                    <img id="2_304097" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 安全漏洞（CVE-2017-5647）</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_304097" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat中的pipelined请求的处理过程存在安全漏洞。攻击者可利用该漏洞读取其他请求的数据。以下版本受到影响：Apache Tomcat 9.0.0.M1版本至9.0.0.M18版本，8.5.0版本至8.5.12版本，8.0.0.RC1版本至8.0.42版本，7.0.0版本至7.0.76版本，6.0.0版本至6.0.52版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            [1] http://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            [2] http://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            [3] http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            [4] http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-04-17</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5647">CVE-2017-5647</a></td>
                    </tr>
                    
                    
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201704-862">CNNVD-201704-862</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20175647 </td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2017-05037">CNVD-2017-05037</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="72130" data-port="443" >
                <td onclick="no_toggle('2_283862','table_2_283862')" >
                    <img id="2_283862" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat replay-countermeasure功能安全漏洞</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_283862" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一款由Apache Foundation维护的免费开放源代码的Java Servlet和JSP服务程序。 
                                
                                <br/>
                                
                            
                                        Apache Tomcat 5.5.36之前的5.5.x版本、6.0.36之前的6.x版本、7.0.30之前的7.x版本中的HTTP Digest Access Authentication实现中的replay-countermeasure功能中存在漏洞，该漏洞源于程序追踪cnonce(又名客户端随机数)值而不是追踪nonce(又名服务器端随机数)和nc(又名随机数计数)值。远程攻击者利用该漏洞通过在网络中嗅探有效的请求，绕过预期的访问限制。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： 
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-6.html 
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-5.html 
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-7.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-11-17</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5885">CVE-2012-5885</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56403">56403</a></td>
                    </tr>
                    
                    
                    
                    <tr class="even">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201211-313">CNNVD-201211-313</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20125885</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-6585">CNVD-2012-6585</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76990" data-port="443" >
                <td onclick="no_toggle('2_300507','table_2_300507')" >
                    <img id="2_300507" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6794)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300507" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 在实现上存在安全限制绕过漏洞。攻击者利用此漏洞可绕过某些安全限制，执行未授权操作。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=rev&amp;rev=1754728
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-08-10</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6794">CVE-2016-6794</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/93943">93943</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35260">35260</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201610-827">CNNVD-201610-827</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20166794</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-10422
">CNVD-2016-10422
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="74119" data-port="443" >
                <td onclick="no_toggle('2_293658','table_2_293658')" >
                    <img id="2_293658" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2013-4286)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_293658" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Apache Tomcat中存在输入验证漏洞，该漏洞源于当使用HTTP或AJP连接器时，程序没有正确处理Content-Length HTTP请求头信息。远程攻击者可借助多个Content-Length头或使用块编码的Content-Length头利用该漏洞实施跨站脚本攻击，获取请求中的敏感信息。以下版本受到影响：Apache Tomcat 6.0.37及之前的版本，7.0.47之前的7.x版本，8.0.0-RC3之前的8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            apache
                            
                            <br/>
                            
                        
                            ---------  
                            
                            <br/>
                            
                        
                            目前 apache 已经发布 tomcat 最新版本, 请到厂商的官方页面下载最新版本:  
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.8</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-02-26</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4286">CVE-2013-4286</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/65773">65773</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/26098">26098</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201402-399
">CNNVD-201402-399
</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20134286</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.8</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-01278">CNVD-2014-01278</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="71929" data-port="443" >
                <td onclick="no_toggle('2_281103','table_2_281103')" >
                    <img id="2_281103" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat拒绝服务漏洞(CVE-2012-2733)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_281103" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 7.0.0-7.0.27、6.0.0-6.0.35存在拒绝服务漏洞，在解析请求标头时，&#34;parseHeaders()&#34;函数(InternalNioInputBuffer.java) 没有正确验证允许的大小，可被利用触发OutOfMemoryError意外，DIGEST身份验证机制没有正确检查服务器nonces，攻击者可利用此漏洞造成拒绝服务。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Josh Spiewak
                                
                                <br/>
                                
                            
                                  
                                
                                <br/>
                                
                            
                                  链接：http://secunia.com/advisories/51138/
                                
                                <br/>
                                
                            
                                        http://www.apache.org/dist/httpd/Announcement2.2.html
                                
                                <br/>
                                
                            
                                *&gt;
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            请更新到5.5.36、6.0.36、7.0.30
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Announcement2.2：Apache HTTP Server 2.2.23 Released
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            链接：http://www.apache.org/dist/httpd/Announcement2.2.html
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-11-16</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2733">CVE-2012-2733</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56402">56402</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/21392">21392</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201211-126">CNNVD-201211-126</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20122733</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-6358">CNVD-2012-6358</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="72659" data-port="443" >
                <td onclick="no_toggle('2_281104','table_2_281104')" >
                    <img id="2_281104" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat FORM身份验证安全绕过漏洞</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_281104" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                 
                                
                                <br/>
                                
                            
                                Tomcat v7.0.30、6.0.36之前版本在FORM身份验证的实现上存在安全漏洞。在使用FORM验证时，若其他组件（如Single-Sign-On）在调用FormAuthenticator#authenticate()之前调用了request.setUserPrincipal()，则攻击者可以通过在URL结尾添加&#34;/j_security_check&#34;以绕过FORM验证，
                                
                                <br/>
                                
                            
                                 
                                
                                <br/>
                                
                            
                                &lt;*来源：Tomcat Security Team
                                
                                <br/>
                                
                            
                                   
                                
                                <br/>
                                
                            
                                   链接：http://seclists.org/fulldisclosure/2012/Dec/73
                                
                                <br/>
                                
                            
                                 *&gt;
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                             
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                             ------------
                            
                            <br/>
                            
                        
                             目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载7.0.30和6.0.36或更高版本。
                            
                            <br/>
                            
                        
                             
                            
                            <br/>
                            
                        
                            参考链接：
                            
                            <br/>
                            
                        
                             http://tomcat.apache.org/security.html
                            
                            <br/>
                            
                        
                             http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                             http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-12-19</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3546">CVE-2012-3546</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56812">56812</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/21694">21694</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201212-056">CNNVD-201212-056</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20123546</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-7673">CNVD-2012-7673</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="75072" data-port="443" >
                <td onclick="no_toggle('2_295328','table_2_295328')" >
                    <img id="2_295328" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat XML外部实体信息泄露漏洞(CVE-2013-4590)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_295328" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Tomcat 8.0.0-RC1 - 8.0.0-RC5、7.0.0 - 7.0.47、6.0.0 - 6.0.37版本的XML(例如：web.xml, context.xml, *.tld, *.tagx, *.jspx)文件允许XXE，这可使攻击者获取Tomcat内部敏感信息。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Apache Tomcat security team
                                
                                <br/>
                                
                            
                                  
                                
                                <br/>
                                
                            
                                  链接：http://www.securityfocus.com/archive/1/531252
                                
                                <br/>
                                
                            
                                *&gt;
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://jakarta.apache.org/tomcat/index.html 
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            [1] http://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            [2] http://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            [3] http://tomcat.apache.org/security-6.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-02-26</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4590">CVE-2013-4590</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/65768">65768</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/26107">26107</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201402-401
">CNNVD-201402-401
</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20134590</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-01279">CNVD-2014-01279</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="74993" data-port="443" >
                <td onclick="no_toggle('2_294678','table_2_294678')" >
                    <img id="2_294678" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2014-0033)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_294678" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。
                                
                                <br/>
                                
                            
                                Apache Tomcat 6.0.33至6.0.37版本中的org/apache/catalina/connector/CoyoteAdapter.java文件存在输入验证漏洞，该漏洞源于当处理URL中的会话ID时，程序设disableURLRewriting值为true。远程攻击者可借助特制的URL利用该漏洞实施会话固定攻击。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-6.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-02-26</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0033">CVE-2014-0033</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/65769">65769</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/26106">26106</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201402-408
">CNNVD-201402-408
</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140033</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-01280">CNVD-2014-01280</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="73540" data-port="443" >
                <td onclick="no_toggle('2_288726','table_2_288726')" >
                    <img id="2_288726" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat FORM认证器会话固定漏洞(CVE-2013-2067)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_288726" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Tomcat 7.0.0-7.0.32、Tomcat 6.0.21-6.0.36的FORM身份验证存在安全漏洞，通过重复请求经过身份验证的资源，当受害者在填写登录表单时，攻击者可利用此漏洞注入一个请求，该请求可用受害者的凭证执行。通过更改登录页面之前的会话ID和通过身份验证后的用户ID，可以阻止此漏洞被利用。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            apache
                            
                            <br/>
                            
                        
                            ---------  
                            
                            <br/>
                            
                        
                            目前 apache 已经发布 tomcat 最新版本, 请到厂商的官方页面下载最新版本:  
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>6.8</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2013-06-01</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2067">CVE-2013-2067</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/59799">59799</a>,<a target="_blank" href="http://www.securityfocus.com/bid/64758">64758</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/23660">23660</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201305-224">CNNVD-201305-224</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20132067</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>6.8</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2013-05379">CNVD-2013-05379</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="76235" data-port="443" >
                <td onclick="no_toggle('2_297987','table_2_297987')" >
                    <img id="2_297987" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 安全漏洞(CVE-2016-0706)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_297987" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Apache Tomcat中存在安全漏洞，该漏洞源于程序没有将org.apache.catalina.manager.StatusManagerServlet放到org/apache/catalina/core/RestrictedServlets.properties列表中。远程攻击者可借助特制的Web应用程序利用该漏洞绕过既定的SecurityManager限制，读取任意HTTP请求，发现会话ID。以下版本受到影响：Apache Tomcat 6.0.45之前6.x版本，7.0.68之前7.x版本，8.0.31之前8.x版本，9.0.0.M2之前9.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：http://tomcat.apache.org/security-6.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2016-02-24</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0706">CVE-2016-0706</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/83324">83324</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/32542">32542</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201602-447">CNNVD-201602-447</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20160706</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-01284
">CNVD-2016-01284
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76992" data-port="443" >
                <td onclick="no_toggle('2_300509','table_2_300509')" >
                    <img id="2_300509" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 信息泄露漏洞(CVE-2016-0762)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300509" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 在实现上存在信息泄露漏洞。攻击者利用此漏洞可获取敏感信息。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=rev&amp;rev=1758502
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-08-10</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0762">CVE-2016-0762</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/93939">93939</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35258">35258</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201610-827">CNNVD-201610-827</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20160762</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-10420
">CNVD-2016-10420
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="72131" data-port="443" >
                <td onclick="no_toggle('2_283058','table_2_283058')" >
                    <img id="2_283058" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat HTTP Digest Access Authentication 安全绕过漏洞(CVE-2012-5886)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_283058" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一款由Apache Foundation维护的免费开放源代码的Java Servlet和JSP服务程序。 
                                
                                <br/>
                                
                            
                                        Apache Tomcat 5.5.36之前的5.5.x版本、6.0.36之前的6.x版本、7.0.30之前的7.x版本中的HTTP Digest Access Authentication实现中存在漏洞，该漏洞源于在会话状态中缓存相关身份验证用户的信息。远程攻击者利用该漏洞通过与会话ID相关的向量绕过身份验证。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接： 
                            
                            <br/>
                            
                        
                                    http://tomcat.apache.org/security-6.html 
                            
                            <br/>
                            
                        
                                    http://tomcat.apache.org/security-5.html 
                            
                            <br/>
                            
                        
                                    http://tomcat.apache.org/security-7.html
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-11-17</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5886">CVE-2012-5886</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56403">56403</a></td>
                    </tr>
                    
                    
                    
                    <tr class="even">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201211-314">CNNVD-201211-314</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20125886</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-6587">CNVD-2012-6587</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76243" data-port="443" >
                <td onclick="no_toggle('2_300536','table_2_300536')" >
                    <img id="2_300536" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat信息泄露漏洞(CVE-2016-8745)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300536" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 6.0.16至6.0.48,7.0.0至7.0.73,8.0.0.RC1至8.0.39,8.5.0至8.5.8,9.0.0.M1至9.0.0.M13版本实现上存在信息泄露漏洞，攻击者利用此漏洞可获取敏感信息。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=rev&amp;rev=1771853
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-08-10</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745">CVE-2016-8745</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/94828">94828</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35561">35561</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201612-330">CNNVD-201612-330</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20168745</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-12570">CNVD-2016-12570</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="74261" data-port="443" >
                <td onclick="no_toggle('2_294142','table_2_294142')" >
                    <img id="2_294142" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 权限许可和访问控制漏洞(CVE-2014-0119)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_294142" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。
                                
                                <br/>
                                
                            
                                Apache Tomcat中存在安全漏洞，该漏洞源于程序没有正确限制类加载器访问使用XSLT样式表的XML解析器。远程攻击者可借助特制的Web应用程序利用该漏洞读取任意文件，或读取不同Web应用程序相关的文件。以下版本受到影响：Apache Tomcat 6.0.39及之前的版本，7.0.54之前的7.x版本，8.0.6之前的8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：
                            
                            <br/>
                            
                        
                            http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.54
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-05-31</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0119">CVE-2014-0119</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/67669">67669</a></td>
                    </tr>
                    
                    
                    
                    <tr class="even">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201405-589
">CNNVD-201405-589
</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140119</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-03375">CNVD-2014-03375</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="75120" data-port="443" >
                <td onclick="no_toggle('2_295683','table_2_295683')" >
                    <img id="2_295683" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 安全漏洞(CVE-2014-0227)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_295683" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。
                                
                                <br/>
                                
                            
                                Apache Tomcat中的java/org/apache/coyote/http11/filters/ChunkedInputFilter.java文件存在安全漏洞，该漏洞源于程序出现错误时，没有正确限制读取数据。远程攻击者可通过发送带有畸形编码块的流数据利用该漏洞实施HTTP请求走私攻击，或造成拒绝服务（资源耗尽）。以下版本受到影响：Apache Tomcat 6.0.42之前的6.x版本，7.0.55之前的7.x版本，8.0.9之前的8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            Apache Group已经为此发布了一个安全公告（CVE-2014-0227）以及相应补丁:
                            
                            <br/>
                            
                        
                            CVE-2014-0227：Fixed in Apache Tomcat 6.0.43
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            补丁下载：http://svn.apache.org/viewvc?view=rev&amp;rev=1603628
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>6.4</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2015-02-15</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227">CVE-2014-0227</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/72717">72717</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/30150">30150</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201502-328">CNNVD-201502-328</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140227</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>6.4</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2015-01025
">CNVD-2015-01025
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="74262" data-port="443" >
                <td onclick="no_toggle('2_294143','table_2_294143')" >
                    <img id="2_294143" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 权限许可和访问控制漏洞(CVE-2014-0096)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_294143" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Apache Tomcat的默认servlet中的java/org/apache/catalina/servlets/DefaultServlet.java文件存在安全漏洞，该漏洞源于程序没有正确限制XSLT样式表。远程攻击者可借助特制的应用程序利用该漏洞绕过安全限制，读取任意文件。以下版本受到影响：Apache Tomcat 6.0.39及之前的版本，7.0.53之前的7.x版本，8.0.4之前的8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            目前厂商已经发布了升级补丁以修复此安全问题，补丁获取链接：http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.53
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-05-31</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0096">CVE-2014-0096</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/67667">67667</a></td>
                    </tr>
                    
                    
                    
                    <tr class="even">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201405-587
">CNNVD-201405-587
</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20140096</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-03376">CNVD-2014-03376</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="76991" data-port="443" >
                <td onclick="no_toggle('2_300508','table_2_300508')" >
                    <img id="2_300508" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat Security Manager 安全限制绕过漏洞(CVE-2016-5018)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300508" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat 在实现上存在安全限制绕过漏洞。攻击者利用此漏洞可绕过某些安全限制，执行未授权操作。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=rev&amp;rev=1754902
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-08-10</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5018">CVE-2016-5018</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/93942">93942</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35259">35259</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201610-827">CNNVD-201610-827</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20165018</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-10421
">CNVD-2016-10421
</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="72132" data-port="443" >
                <td onclick="no_toggle('2_283059','table_2_283059')" >
                    <img id="2_283059" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat HTTP Digest Access Authentication实现安全漏洞(CVE-2012-5887)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_283059" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一款由Apache Foundation维护的免费开放源代码的Java Servlet和JSP服务程序。 
                                
                                <br/>
                                
                            
                                        Apache Tomcat 5.5.36之前的5.5.x版本、6.0.36之前的6.x版本、7.0.30之前的7.x版本中的HTTP Digest Access Authentication实现中存在漏洞，该漏洞源于程序在连带执行凭证检查的同时未对过期的随机数值进行正确的检查。通过在网络中嗅探有效的请求，远程攻击者可利用该漏洞绕过预期的访问限制。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            apache
                            
                            <br/>
                            
                        
                            ---------  
                            
                            <br/>
                            
                        
                            目前 apache 已经发布 tomcat 最新版本, 请到厂商的官方页面下载最新版本:  
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-11-17</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5887">CVE-2012-5887</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56403">56403</a></td>
                    </tr>
                    
                    
                    
                    <tr class="even">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201211-315">CNNVD-201211-315</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20125887</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-6589">CNVD-2012-6589</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="72661" data-port="443" >
                <td onclick="no_toggle('2_288485','table_2_288485')" >
                    <img id="2_288485" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat Slowloris工具拒绝服务漏洞</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_288485" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。Slowloris是低带宽拒绝服务攻击工具。
                                
                                <br/>
                                
                            
                                 
                                
                                <br/>
                                
                            
                                Apache Tomcat在实现上存在安全漏洞，远程攻击者可利用Slowloris工具造成拒绝服务攻击。
                                
                                <br/>
                                
                            
                                 
                                
                                <br/>
                                
                            
                                &lt;*来源：David Jorm
                                
                                <br/>
                                
                            
                                   
                                
                                <br/>
                                
                            
                                   链接：https://bugzilla.redhat.com/show_bug.cgi?id=880011
                                
                                <br/>
                                
                            
                                 *&gt;
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            apache
                            
                            <br/>
                            
                        
                            ---------  
                            
                            <br/>
                            
                        
                            目前 apache 已经发布 tomcat 最新版本, 请到厂商的官方页面下载最新版本:  
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>5.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-11-30</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5568">CVE-2012-5568</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56686">56686</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/21624">21624</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201211-538">CNNVD-201211-538</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20125568</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-7725">CNVD-2012-7725</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="76995" data-port="443" >
                <td onclick="no_toggle('2_300530','table_2_300530')" >
                    <img id="2_300530" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 安全限制绕过漏洞(CVE-2016-6816)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_300530" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开源JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                Apache Tomcat某些版本解析HTTP请求行的代码允许存在无效的字符，这可使攻击者篡改HTTP响应，对Web缓存投毒，执行XSS攻击或获取敏感信息。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁:
                            
                            <br/>
                            
                        
                            Apache Group
                            
                            <br/>
                            
                        
                            ------------
                            
                            <br/>
                            
                        
                            目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-6.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-7.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-8.html
                            
                            <br/>
                            
                        
                            https://tomcat.apache.org/security-9.html
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            http://svn.apache.org/viewvc?view=revision&amp;revision=1757275
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>6.8</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2017-03-20</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6816">CVE-2016-6816</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/94461">94461</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/35455">35455</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201611-610">CNNVD-201611-610</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20166816</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>6.8</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-11591">CNVD-2016-11591</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="74108" data-port="443" >
                <td onclick="no_toggle('2_293596','table_2_293596')" >
                    <img id="2_293596" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_middle.gif" /><span class="level_danger_middle" style="cursor:pointer">Apache Tomcat 输入验证漏洞(CVE-2013-4322)</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_293596" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Tomcat是美国阿帕奇（Apache）软件基金会下属的Jakarta项目的一款轻量级Web应用服务器，它主要用于开发和调试JSP程序，适用于中小型系统。Apache Tomcat中存在输入验证漏洞。当处理分块传输编码时，远程攻击者可借助大量的分块数据或使用畸形的HTTP头利用该漏洞造成拒绝服务。以下版本受到影响：Apache Tomcat 6.0.37及之前的版本，7.0.47之前的7.x版本，8.0.0-RC3之前的8.x版本。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            apache
                            
                            <br/>
                            
                        
                            ---------  
                            
                            <br/>
                            
                        
                            目前 apache 已经发布 tomcat 最新版本, 请到厂商的官方页面下载最新版本:  
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>4.3</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2014-02-26</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4322">CVE-2013-4322</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/65767">65767</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/26100">26100</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201402-400
">CNNVD-201402-400
</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20134322</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>4.3</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2014-01343">CNVD-2014-01343</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="50188" data-port="80" >
                <td onclick="no_toggle('2_280752','table_2_280752')" >
                    <img id="2_280752" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_low.gif" /><span class="level_danger_low" style="cursor:pointer">可通过HTTP获取远端WWW服务信息</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_280752" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                本插件检测远端HTTP Server信息。这可能使得攻击者了解远程系统类型以便进行下一步的攻击。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            NSFOCUS建议您采取以下措施以降低威胁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            * 改变您的HTTP服务器的缺省banner。
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>1.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>1999-01-01</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0633">CVE-1999-0633</a></td>
                    </tr>
                    
                    
                    
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-19990633</td>
                    </tr>
                    
                    
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="70202" data-port="443" >
                <td onclick="no_toggle('2_303770','table_2_303770')" >
                    <img id="2_303770" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_low.gif" /><span class="level_danger_low" style="cursor:pointer">SSL/TLS协议信息泄露漏洞(CVE-2016-2183)【原理扫描】</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_303770" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                TLS是安全传输层协议，用于在两个通信应用程序之间提供保密性和数据完整性。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                TLS, SSH, IPSec协商及其他产品中使用的DES及Triple DES密码存在大约四十亿块的生日界，这可使远程攻击者通过Sweet32攻击，获取纯文本数据。
                                
                                <br/>
                                
                            
                                
                                
                                <br/>
                                
                            
                                &lt;*来源：Karthik Bhargavan
                                
                                <br/>
                                
                            
                                        Gaetan Leurent
                                
                                <br/>
                                
                            
                                  
                                
                                <br/>
                                
                            
                                  链接：https://www.openssl.org/news/secadv/20160922.txt
                                
                                <br/>
                                
                            
                                *&gt;
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            OpenSSL Project
                            
                            <br/>
                            
                        
                            ---------------
                            
                            <br/>
                            
                        
                            OpenSSL Project已经为此发布了一个安全公告（20160922）以及相应补丁:
                            
                            <br/>
                            
                        
                            20160922：OpenSSL Security Advisory [22 Sep 2016]
                            
                            <br/>
                            
                        
                            链接：https://www.openssl.org/news/secadv/20160922.txt
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            请在下列网页下载最新版本：  
                            
                            <br/>
                            
                        
                            https://www.openssl.org/source/
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>3.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2016-08-31</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2183">CVE-2016-2183</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/92630">92630</a>,<a target="_blank" href="http://www.securityfocus.com/bid/95568">95568</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/34880">34880</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201608-448">CNNVD-201608-448</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20162183</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>5.0</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2016-06765">CNVD-2016-06765</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="71247" data-port="443" >
                <td onclick="no_toggle('2_283925','table_2_283925')" >
                    <img id="2_283925" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_low.gif" /><span class="level_danger_low" style="cursor:pointer">检测到目标主机加密通信支持的加密算法</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_283925" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                该插件连接到目标主机服务，检测到目标服务加密通信使用的SSL加密算法。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            该漏洞仅仅是一个信息获取的漏洞，可以不做修复。
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>1.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2001-01-01</td>
                    </tr>
                    
                    
                    
                    
                    
                    
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="72325" data-port="443" >
                <td onclick="no_toggle('2_291622','table_2_291622')" >
                    <img id="2_291622" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_low.gif" /><span class="level_danger_low" style="cursor:pointer">服务器允许SSL会话恢复【原理扫描】</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_291622" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                服务器允许SSL会话恢复
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            该漏洞仅仅是对SSL会话恢复的检测，可以不修复。
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>1.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2010-11-01</td>
                    </tr>
                    
                    
                    
                    
                    
                    
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="even" data-id="50856" data-port="443" >
                <td onclick="no_toggle('2_280445','table_2_280445')" >
                    <img id="2_280445" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_low.gif" /><span class="level_danger_low" style="cursor:pointer">可通过HTTPS获取远端WWW服务信息</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_280445" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                可通过HTTPS获取远端HTTP服务器信息。这可能使得攻击者了解远程系统类型以便进行下一步的攻击。
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            NSFOCUS建议您采取以下措施以降低威胁：
                            
                            <br/>
                            
                        
                            
                            
                            <br/>
                            
                        
                            * 改变您的HTTP服务器的缺省banner。
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>1.0</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>1999-01-01</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0633">CVE-1999-0633</a></td>
                    </tr>
                    
                    
                    
                    
                    
                    <tr class="odd">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-19990633</td>
                    </tr>
                    
                    
                    
                    
                    </table>
                </td>
            </tr>
            
            <tr class="odd" data-id="72660" data-port="443" >
                <td onclick="no_toggle('2_281105','table_2_281105')" >
                    <img id="2_281105" class="ico plus" src="media/report/images/blank.gif" /> 
                     
                    <img align="absmiddle" src="media/report/images/vuln_low.gif" /><span class="level_danger_low" style="cursor:pointer">Apache Tomcat NIO连接器拒绝服务漏洞</span> 
                    
                </td>
            </tr>
            <tr class="solution" id="table_2_281105" style="display:none;">
                <td>
                    <table class="report_table plumb" width="100%">
                    
                    <tr class="odd">
                        <th width="100">详细描述</th>
                        <td>
                            
                                Apache Tomcat是一个流行的开放源码的JSP应用服务器程序。
                                
                                <br/>
                                
                            
                                 
                                
                                <br/>
                                
                            
                                Tomcat 7.0.0-7.0.27、Tomcat 6.0.0-6.0.35在使用开启了sendfile和HTTPS的NIO连接器时，若客户端请求较大的静态文件，并在读取响应的过程中切断与服务器的连接，会在服务器端产生死循环，导致拒绝服务。
                                
                                <br/>
                                
                            
                                 
                                
                                <br/>
                                
                            
                                &lt;*来源：Arun Neelicattu
                                
                                <br/>
                                
                            
                                   
                                
                                <br/>
                                
                            
                                   链接：3C50BE535A.9000600@apache.org%3E&#34; target=&#34;_blank&#34;&gt;http://mail-archives.apache.org/mod_mbox/tomcat-announce/201212.mbox/%3C50BE535A.9000600@apache.org%3E
                                
                                <br/>
                                
                            
                                         https://issues.apache.org/bugzilla/show_bug.cgi?id=52858
                                
                                <br/>
                                
                            
                                 *&gt;
                                
                                <br/>
                                
                            
                                
                                
                            
                        </td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">解决办法</th>
                        <td>
                            
                            厂商补丁：
                            
                            <br/>
                            
                        
                            apache
                            
                            <br/>
                            
                        
                            ---------  
                            
                            <br/>
                            
                        
                            目前 apache 已经发布 tomcat 最新版本, 请到厂商的官方页面下载最新版本:  
                            
                            <br/>
                            
                        
                            链接：http://tomcat.apache.org/
                            
                        	
                        </td>
                    </tr>
                    
                    <tr class="odd">
                        <th width="100">威胁分值</th>
                        <td>2.6</td>
                    </tr>
                    <tr class="even">
                        <th width="100">危险插件</th>
                        <td style="text-align:left;">否</td>
                    </tr>
                    <tr class="odd">
                        <th width="100">发现日期</th>
                        <td>2012-12-19</td>
                    </tr>
                    
                    <tr class="even">
                        <th width="100">CVE编号</th>
                        <td><a target="_blank" href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4534">CVE-2012-4534</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">BUGTRAQ</th>
                        <td><a target="_blank" href="http://www.securityfocus.com/bid/56813">56813</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">NSFOCUS</th>
                        <td><a target="_blank" href="http://www.nsfocus.net/vulndb/21695">21695</a></td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CNNVD编号</th>
                        <td><a target="_blank" href="http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-201212-055">CNNVD-201212-055</a></td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNCVE编号</th>
                        <td>CNCVE-20124534</td>
                    </tr>
                    
                    
                    <tr class="odd">
                        <th width="100">CVSS评分</th>
                        <td>2.6</td>
                    </tr>
                    
                    
                    <tr class="even">
                        <th width="100">CNVD编号</th>
                        <td><a target="_blank" href="http://www.cnvd.org.cn/flaw/show/CNVD-2012-7282">CNVD-2012-7282</a></td>
                    </tr>
                    
                    
                    </table>
                </td>
            </tr>
            
        </table>
    </div>
    

</div>
        
    
    

     
    
        <!-- config info -->





<div class="report_h report_h1">3.配置合规信息</div>
<div class="report_content">
	
    
    <div style="text-align:right; vertical-align:middle;">
        检查项类别：
        <input class='baseline_filter_checkbox' type="checkbox" checked="checked" value='baseline_yes' onclick="baseline_filter(this,'baseline_yes')">
        <img align="absbottom" src="media/report/images/is_safe.gif"/>合规
        [<span id='baseline_yes_span'>0</span>]&nbsp;&nbsp;
        <input class='baseline_filter_checkbox' type="checkbox" checked="checked" value='baseline_no' onclick="baseline_filter(this,'baseline_no')">
        <img align="absbottom" src="media/report/images/error.gif"/>不合规
        [<span id='baseline_no_span'>0</span>]
    </div>

	

	
	

	
	

	
	

	
	

	
	

	
	
    
    <script type="text/javascript">
        var $baseline_yes_span = jQuery('#baseline_yes_span');
        var $baseline_no_span = jQuery('#baseline_no_span');
        var $baseline_list = jQuery('tr.baseline');
        var yes_num = 0;
        var no_num = 0;
        $baseline_list.each(function(index,o) {
            if (jQuery(o).hasClass('baseline_yes')) {
                yes_num++;
            } else if (jQuery(o).hasClass('baseline_no')) {
                no_num++;
            } 
        });
        $baseline_yes_span.html(yes_num);
        $baseline_no_span.html(no_num);
        
        function baseline_filter(o,baseline_type){
            if (jQuery('.baseline_filter_checkbox:checked').length == 0){
                o.checked = true;
                alert("至少选择一种检查项类别！");
            }else{
                var $baseline_list = jQuery('tr.'+baseline_type);
                $baseline_list.each(function(index,o) {
                    jQuery(o).toggle();
                    if(jQuery(o).is(":hidden")){
                        jQuery(o).find('img.minus').attr('class','ico plus');
                        jQuery(o).next("."+jQuery(o).attr('id')).css('display','none');
                    }
                });
            }
        }
    </script></div>
        
    
    
        <!-- status_info -->





<div class="report_h report_h1">4.状态合规信息</div>
<div class="report_content"></div>
        
    
    

    
        <!-- other info -->





<div class="report_h report_h1">5.其他信息</div>
<div class="report_content">
	
	
    <div class="report_h report_h2" id="title5_1">5.1 端口信息</div>
	<div>
        
		<table class="report_table" style="word-wrap:break-word;">
			<thead>
				<tr>
					
					<th>端口</th>
					
					<th>协议</th>
					
					<th>服务</th>
					
					<th>状态</th>
					
				</tr>
			</thead>
            
			<tbody>
				
				
				<tr class="even">
					
					
					<td>
                        
                        7002
                        
                    </td>
					
					
					<td>
                        
                        tcp
                        
                    </td>
					
					
					<td>
                        
                        www
                        
                    </td>
					
					
					<td>
                        
                        open
                        
                    </td>
					
					
				</tr>
				
				
				<tr class="odd">
					
					
					<td>
                        
                        443
                        
                    </td>
					
					
					<td>
                        
                        tcp
                        
                    </td>
					
					
					<td>
                        
                        www
                        
                    </td>
					
					
					<td>
                        
                        open
                        
                    </td>
					
					
				</tr>
				
				
				<tr class="even">
					
					
					<td>
                        
                        80
                        
                    </td>
					
					
					<td>
                        
                        tcp
                        
                    </td>
					
					
					<td>
                        
                        http
                        
                    </td>
					
					
					<td>
                        
                        open
                        
                    </td>
					
					
				</tr>
				
				

			</tbody>
            
		</table>
        
	</div>
	
	
    <div class="report_h report_h2" id="title5_2">5.2 安装软件信息</div>
	<div>
        
		<table class="report_table" style="word-wrap:break-word;">
			<thead>
				<tr>
					
					<th>软件名称</th>
					
					<th>版本号</th>
					
				</tr>
			</thead>
            
			<tbody>
				
				
				<tr class="even">
					
					
					<td>
                        
                        Apache
                        
                    </td>
					
					
					<td>
                        
                        
                        
                    </td>
					
					
				</tr>
				
				

			</tbody>
            
		</table>
        
	</div>
	
	
    <div class="report_h report_h2" id="title5_3">5.3 端口Banner</div>
	<div>
        
		<table class="report_table" style="word-wrap:break-word;">
			<thead>
				<tr>
					
					<th>端口</th>
					
					<th>Banner</th>
					
				</tr>
			</thead>
            
			<tbody>
				
				
				<tr class="even">
					
					
					<td>
                        
                        80
                        
                    </td>
					
					
					<td>
                        
                        Apache-Coyote/1.1
                        
                    </td>
					
					
				</tr>
				
				
				<tr class="odd">
					
					
					<td>
                        
                        7002
                        
                    </td>
					
					
					<td>
                        
                        Tomcat/6.0.35
                        
                    </td>
					
					
				</tr>
				
				
				<tr class="even">
					
					
					<td>
                        
                        443
                        
                    </td>
					
					
					<td>
                        
                        Tomcat/6.0.35
                        
                    </td>
					
					
				</tr>
				
				

			</tbody>
            
		</table>
        
	</div>
	
	
</div>
        
    
    

    
        <!-- standards info -->





<div class="report_h report_h1">6.参考标准</div>
<div class="report_content"><div class="report_h report_h2" id="title6_1">6.1 单一漏洞风险等级评定标准</div>
	<div>
		<table class="report_table">
			<tbody>
				<tr class="second_title">
					<td width="60px">危险程度</td>
					<td width="150px">危险值区域</td>
					<td>危险程度说明</td>
				</tr>
				<tr class="even">
					<td><img src='media/report/images/vuln_high.gif'></img> 高</td>
					<td>7 &lt;= 漏洞风险值 &lt;= 10</td>
					<td>攻击者可以远程执行任意命令或者代码，或对系统进行远程拒绝服务攻击。</td>
				</tr>
				<tr class="odd">
					<td><img src='media/report/images/vuln_middle.gif'></img> 中</td>
					<td>4 &lt;= 漏洞风险值 &lt; 7</td>
					<td>攻击者可以远程创建、修改、删除文件或数据，或对普通服务进行拒绝服务攻击。</td>
				</tr>
				<tr class="even">
					<td><img src='media/report/images/vuln_low.gif'></img> 低</td>
					<td>0 &lt;= 漏洞风险值 &lt; 4</td>
					<td>攻击者可以获取某些系统、服务的信息，或读取系统文件和数据。</td>
				</tr>
			</tbody>
		</table>
		<p style="text-indent:0;">
			说明：
		</p>
		<ol style="list-style:decimal;padding-left:20px;">
			<li>
				漏洞的风险值兼容CVSS评分标准。
			</li>
		</ol>
	</div>
	<div class="report_h report_h2" id="title6_2">6.2 单一配置检查项等级评定标准</div>
	<div>
		<table class="report_table">
			<tbody>
				<tr class="second_title">
					<td width="60px">危险程度</td>
					<td width="150px">危险值区域</td>
					<td>危险程度说明</td>
				</tr>
				<tr class="even">
					<td><img src='media/report/images/vuln_high.gif'></img> 高</td>
                    <td>7 &lt;= 检查项风险值 &lt;= 10</td>
					<td>不当的配置导致攻击者可以通过其他方式获得管理员权限、或者只有管理员权限才能加固的配置。</td>
				</tr>
				<tr class="odd">
					<td><img src='media/report/images/vuln_middle.gif'></img> 中</td>
                    <td>4 &lt;= 检查项风险值 &lt; 7</td>
					<td>不当的配置导致攻击者可以对主机进行破坏或者收集主机的信息、或者遭受攻击后，重要事件没有记录。</td>
				</tr>
				<tr class="even">
					<td><img src='media/report/images/vuln_low.gif'></img> 低</td>
                    <td>0 &lt;= 检查项风险值 &lt; 4</td>
					<td>不当地配置对主机安全不会造成太大的影响。</td>
				</tr>
			</tbody>
		</table>
	</div>
	
	
    <div class="report_h report_h2" id="title6_3">6.3 主机风险等级评定标准</div>
	<div>
		<table class="report_table">
			<tbody>
				<tr class="second_title">
					<td width="200px">主机风险等级</td>
					<td>主机风险值区域</td>
				</tr>
				<tr class="even">
					<td><img src="media/report/images/d_high.gif"> 非常危险</td>
					<td>7.0 &lt;= 主机风险值 &lt;= 10.0</td>
				</tr>
				<tr class="odd">
					<td><img src="media/report/images/d_middle.gif"> 比较危险</td>
					<td>5.0 &lt;= 主机风险值 &lt; 7.0</td>
				</tr>
				<tr class="even">
					<td><img src="media/report/images/d_low.gif"> 比较安全</td>
					<td>2.0 &lt;= 主机风险值 &lt; 5.0</td>
				</tr>
				<tr class="odd">
					<td><img src="media/report/images/d_safe.gif"> 非常安全</td>
					<td>0.0 &lt;= 主机风险值 &lt; 2.0</td>
				</tr>
			</tbody>
		</table>
		<p style="text-indent:0;">
			说明：
		</p>
		<ol style="list-style:decimal;padding-left:20px;">
			<li>
				按照远程安全评估系统的主机风险评估模型计算主机风险值。根据得到的主机风险值参考“主机风险等级评定标准”标识主机风险等等级。
			</li>
			<li>
				将主机风险等级按照风险值的高低进行排序，得到非常危险、比较危险、比较安全、非常安全四种主机风险等级。
			</li>
			<li>
				用户可以根据自己的需要修订主机风险等级中的主机风险值范围。
			</li>
		</ol>
	</div></div>
    
  </div>
  <!--content end-->
  <div class="report_tip"></div>
</div>
<script type="text/javascript">
	function getPageY(element){
	  	return element.offsetTop + (element.offsetParent ? arguments.callee(element.offsetParent) : 0) 
	}
	jQuery(function($){
		//window.dialog = new UI.Dialog({name:'dialog'});
		$("#catalog_tree").report_tree();
		$("#report").catalog();
		$('#catalog').delegate('a.link', 'click', function(event){
        	event.preventDefault();
		    $("#catalog").find("div.report_content").hide();
            $("#catalog").find(".h1_dot").addClass("up");
            jumpToHash(event.target.hash);
		});
		$.gotop();
	});
</script>
</body>
</html>